Many applications handle protected content, such as copyrighted text, audio, video, etc., that is protected by a digital rights management system. Typically, the protection of content is achieved by encrypting the content and allowing it to be decrypted and handled in clear-text form only by trusted applications. “Trust” of an application is generally established by incorporating security measures into the application (e.g., encrypted code, integrity checks, obfuscated cryptographic keys, etc.), and executing the trusted application in its own process so that the data handled by the trusted application is not available to other processes.
While isolating a trusted application in its own process provides excellent protection for the trusted content, doing so deprives the application of one of the benefits of executing on an open platform: the ability to integrate with other applications running on the same platform. Typically, when a first application needs to use some capability available in a second application, the first application will simply run the separate application within its own process. For example, the designers of an application may wish to provide a limited form of web browsing capability within their application. Rather than re-invent the wheel by writing browser capability into the program from scratch, the designers may allow the application to run a browser (such as the INTERNET EXPLORER browser) in the same process. However, if the application is trusted, running a browser “in-proc” may subvert the security scheme of the trusted application. The browser code may not be secure to the same extent as the trusted application. Even if the browser code itself is secure, the browser provides the capability to import executable code from other sources that may not be trusted. If trust is to be maintained, executable code from unknown sources cannot be given access to the address space of the trusted application and therefore cannot be run in process.
In view of the foregoing, there is a need for a technique for integrating general-purpose application with trusted applications that overcomes the drawbacks of the prior art.